How do I use iptables to block or drop an IP address that is attacking my server?
If you want to block access to your Linux server, you can use iptables. iptables comes standard with almost all Linux distributions. You have to log in and su to root before running the commands below.
In this example, the attacking IP is 64.38.244.72:
Type the command "iptables -A INPUT -s 64.38.244.72/32 -j DROP"
If you want to block access to a single port from an IP address:
Type the command "iptables -A INPUT -s 64.38.244.72/32 -p tcp --destination-port 80 -j DROP"
This will drop all TCP packets from 64.38.244.72/32 to port 80 (HTTP) on the server.
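A wrapper around the two commands above, as an added example that is not part of the original page: it validates the address and port before they reach iptables, skips the change when an identical rule already exists, and inserts at the top of INPUT instead of appending. The function names valid_ipv4, rule_spec and block_ip are hypothetical.

```sh
#!/bin/sh
# Added example, not from the original page; function names are hypothetical.

# valid_ipv4 ADDR: succeed only for a dotted quad with every octet in 0-255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# rule_spec ADDR [PORT]: print the match and target arguments the page uses.
rule_spec() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 1; }
    if [ -z "${2:-}" ]; then
        echo "-s $1/32 -j DROP"
        return 0
    fi
    case "$2" in *[!0-9]*) echo "invalid port: $2" >&2; return 1 ;; esac
    [ "${#2}" -le 5 ] && [ "$2" -ge 1 ] && [ "$2" -le 65535 ] ||
        { echo "invalid port: $2" >&2; return 1; }
    echo "-s $1/32 -p tcp --destination-port $2 -j DROP"
}

# block_ip ADDR [PORT]: add the rule once (run as root).
# -C tests for an identical existing rule. -I INPUT 1 is a deliberate change from
# the page's -A: it puts the DROP ahead of any earlier ACCEPT rule in the chain.
block_ip() {
    spec=$(rule_spec "$@") || return 1
    if iptables -C INPUT $spec 2>/dev/null; then
        echo "already present: $spec"
    else
        iptables -I INPUT 1 $spec && echo "added: $spec"
    fi
}

# Dry run: print the arguments for the page's two cases; the firewall is untouched.
rule_spec 64.38.244.72
rule_spec 64.38.244.72 80
```

As root, block_ip 64.38.244.72 80 applies the port rule, and iptables -L INPUT -n --line-numbers shows where it landed in the chain.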
WebsiteSurveillance.com Site Check
Who are these people? I see in my web server logs (for another domain) that they access the domain every five minutes. If you go to their website, it says that they are a company that monitors server uptime. Strange thing is, they have no place to sign up. Stranger still is that there is no reference to them anywhere on the internet. A Google search of WebsiteSurveillance.com brings up two results, both from the WebsiteSurveillance.com website itself. Odd that no one else has ever dealt with them. Their server's IP is 64.38.244.72, somewhere in Az. I blocked them using iptables.